Certification Process

THE IIA’S STREAMLINED CERTIFICATION PROCESS

Taking an IIA global certification exam is more convenient than ever, as IIA
exams are offered through computer-based testing (CBT). This means that you
will be able to take your exam in any one of more than 500 available testing
centers around the world, in any of the exam languages offered at a time that is
convenient for you!.

The IIA has chosen Pearson VUE as its computer-based test administration
vendor. Pearson VUE administers The IIA's exams in a computer-based format
at Pearson VUE’s approved testing centers throughout the world. Pearson VUE
is a leader in global computer-based test administration, and its technology
investments ensure leading—edge security and provide improved service to IIA
candidates. And the Pearson VUE online scheduling system makes scheduling
your test quick and easy.

The IIA has also made it even easier for you to complete the certification process.
Our Certification Candidate Management System (CCMS) allows you to submit
application and exam registration forms online. You can also monitor your
certification progress, access your CBT exam scores, report your continuing
professional education (CPE) credits, and print receipts for your exam fees at any
time.

This handbook walks you through the certification process from start to finish
and should provide all the information you need to complete the process. Please
Visit www.globaliia.0rg/ certification for the most up-to-date information or any
important changes to the exam process.

Requirements

CIA candidates must meet the following eligibility requirements for education,
character, work experience, and identification. Before a candidate application
can be approved, ALL documentation (proof of education, character reference,
and identification) must be received and approved by The IIA's Certification
staff.

Education

CIA candidates must hold a 3— or 4—year post—secondary degree (or higher). For
further details, please refer to the Certification Candidate Handbook.

Acceptable Documents:

Copy of your degree or official transcripts (If your name has changed since you
earned your degree, you must also include your legal name change document.)
Letter from university confirming degree.
Letter from evaluation services confirming degree level important change to the
Education Requirement for the CIA:

The Global Board of Directors has approved an alternate path to eligibility for the CIA for those candidates who do not possess a Bachelor's degree from an accredited university. Candidates may now become eligible for the CIA, subject to approval, who possess:
Two years post-secondary education and five years verified experience in internal audit or its equivalent, OR Seven years verified experience in internal audit or its equivalent.

Professional Experience

CIA

Minimum of 2 years internal audit experience or its equivalent. A statement of the
candidate's work history must be attested to by the candidate's former or current
manager, or someone holding an active IIA Global Certification. Equivalent experience
means experience in audit/assessment disciplines including: external auditing, quality
assurance, compliance, and internal control. Either a master's degree or work experience
in related business professions (such as accounting, law, or finance) can be substituted
for 12 months of experience.

CCSA

1 year of control-related business experience, such as CSA, auditing,
quality assurance, risk management, or environmental auditing.

CGAP

CRMA

2 years auditing experience or controls-related business experience such
as risk management, quality assurance, or CSA.

For all certifications, a statement of the candidate's work history must be
attested to by the candidate's former or current manager, or someone holding
an active IIA Global Certification on the Experience Verification Form.
Candidates may apply to a program and sit for an exam prior to satisfying
the professional experience requirement, but will not be certified until
all program requirements have been met.

Work Experience

CIA candidates with a 4 year post-secondary degree must obtain a minimum of
24 months of internal auditing experience or its equivalent. A Master’s degree
can substitute for 12 of the required 24 months. Please refer to the Certification
Candidate Handbook for more details. A completed Experience Verification
Form is required. Candidates may apply to the program and sit for the exam
prior to satisfying the professional experience requirement, but will not be
certified until all program requirements have been met.

Experience Verification Form

Once you have completed the form, please access the Certification Document
Upload Portal and upload your form(s) there. (Submit the document type as
Work Experience.)

Character Reference

Candidates must exhibit high moral and professional character and must submit
a Character Reference Form signed by a CIA, CGAP, CCSA, CFSA, CRMA, or
the candidate's supervisor.

Character Reference Form

Once you have completed the form, please access the Certification Document
Upload Portal and upload your form(s) there. (Submit the document type as
Character Reference.)

Proof of Identification

Candidates must provide proof of identification in the form of a copy of the
candidate's official passport or national identity card. These must indicate
current status; expired documents will not be accepted. All documents must be
scanned and uploaded through the Document Upload Portal in a manner that
ensures the photo is clearly legible.
Once you have completed the form, please access the Certification Document
Upload Portal and upload your form(s) there. (Submit the document type as
Other).

Eligibility Period

Effective November 2010, the certification program’s eligibility requires
candidates to complete the program certification process within four years of
application approval. If a candidate has not completed the certification process
within four years, all fees and exam parts will be forfeited.

Confidentiality

The CIA exam is a non-disclosed examination. Candidates in the program agree
to keep the contents of the exam confidential and therefore may not discuss the
specific exam content with anyone except The IIA's Certification Department.
Unauthorized disclosure of exam material will be considered a breach of the
Code of Ethics and could result in disqualification of the candidate or other
appropriate censure.

Code of Ethics

CIA candidates agree to abide by the Code of Ethics established by The IIA.

Continuing Professional Education (CPE)

Upon certification, ClAs are required to maintain their knowledge and skills and
stay abreast of improvements and current developments by satisfying CPE
requirements.

IIA Membership

In most cases, you do not have to be a member of The 11A to take the CIA exam
or become a CIA, but we encourage you to consider its advantages. There are
some countries, however, that do require candidates to be IIA members to take
the CIA exam. Candidates in any of the countries listed on the map located at the
top right of this page should contact their local institute to verify this
requirement.
IIA members receive discounts on CIA review materials and courses and have
access to the latest exam preparation resources, networking opportunities, and
current CIA news and information.

Register for the Exam

The IIA‘s certification exams are now offered year-round through
computer-based testing at more than 500 locations worldwide. Apply and
Register Online.

Examination

Candidates must successfully complete the appropriate exam for their chosen
certification program.

CIA candidates must successfully pass all parts of
the 3—part or 4—part exam.

For CGAP candidates, an international version of
the exam is available, as wellas a version that is specific to the United States.

CRMA candidates must successfully complete Part
I of the CIA exam inaddition to the CRMA core exam to achieve the CRMA certification.

Candidates must register for exams once all the required documentation has
been submitted and their application has been approved. Registration occurs
online through CCMS at www.globaliia.org/ certification.

Submitting and Confirming Required Documentation

Required documentation should be submitted through the document upload
portal which can be accessed at www.globaliia.org/ certification. Please be sure
to indicate your candidate ID on your correspondence with us. Submitted
documents will typically be reviewed within five business days of receipt. You
may confirm that the document has been approved by going to
www.globaliia.org/ certification, logging in to your record in CCMS, and
clicking on the appropriate certification program on the “ Certification Progress"
screen. If the document is not approved, you will be contacted by a member of
The llA's Global Certifications Department via email.

CCSA EXAM CONTENT

The CCSA exam tests a candidate’s understanding of important CSA
fundamentals, processes, and related topics such as risk, controls, and business
objectives. The one-part exam includes 115 multiple-choice questions covering
six domains:

CSA fundamentals.

CSA program integration.

Elements of the CSA process.

Business objectives / organizational performance.

Risk identification and assessment.

Control theory and application.

Candidates are given 2 hours and 55 minutes to complete the exam. For detailed
topic outlines, visit www. globaliia.org/ certification. Exam topics and / or
formats are subject to change as approved by the Global Board of Directors.

CCSA EXAM CONTENT

The CCSA exam tests a candidate’s understanding of important CSA
fundamentals, processes, and related topics such as risk, controls, and business
objectives. The one-part exam includes 115 multiple-choice questions covering
six domains:

CSA fundamentals.

CSA program integration.

Elements of the CSA process.

Business objectives / organizational performance.

Risk identification and assessment.

Control theory and application.

Candidates are given 2 hours and 55 minutes to complete the exam. For detailed
topic outlines, visit www. globaliia.org/ certification. Exam topics and / or
formats are subject to change as approved by the Global Board of Directors.

CCSA EXAM CONTENT

The CCSA exam tests a candidate’s understanding of important CSA
fundamentals, processes, and related topics such as risk, controls, and business
objectives. The one-part exam includes 115 multiple-choice questions covering
six domains:

CSA fundamentals.

CSA program integration.

Elements of the CSA process.

Business objectives / organizational performance

Risk identification and assessment.

Control theory and application.

Candidates are given 2 hours and 55 minutes to complete the exam. For detailed
topic outlines, visit www. globaliia.org/ certification. Exam topics and / or
formats are subject to change as approved by the Global Board of Directors.

CFSA EXAM CONTENT

The CFSA exam tests a candidate’s knowledge of current audit practices and
understanding of internal audit issues, risks, and remedies in the financial
services industry. The one-part exam includes 115 multiple-choice questions.
The first 90 questions cover four domains at an awareness level:

Financial services auditing.

Auditing financial services products.

Auditing financial services processes.

The regulatory environment.

For the final 25 questions, CFSA candidates are tested at the proficiency level in
their chosen discipline of banking, insurance, or securities.
Candidates are given 2 hours and 55 minutes to complete the exam. For detailed
topic outlines, visit www.globaliia.org/ certification. Exam topics and / or
formats are subject to change as approved by the Global Board of Directors

CGAP EXAM CONTENT

The CGAP exam tests a candidate’s knowledge of audit practices specific to the
government sector, and measures understanding of government audit
standards, including The IIA's International Standards for the Professional
The one-part CGAP exam includes 115 multiple-choice questions covering four
domains:

Standards, governance, and risk/ control frameworks.

Government auditing practice.

Government auditing skills and techniques

Government auditing environment.

Candidates are given 2 hours and 55 minutes to complete the exam.
For detailed topic outlines, visit www.globaliia.org/ certification. Exam topics
and/ or formats are subject to change as approved by the Global Board of
Directors.

CRMA EXAM CONTENT

The CRMA exam tests a candidate’s knowledge of governance aspects and risk
management assurance in addition to the appropriate assurance and consulting
roles for internal audit professionals. In order to achieve the CRMA designation,
candidates must successfully pass both Part 1 of the CIA exam and the CRMA
core exam (see page 22 for CIA exam content).

Candidates will be given 2 hours to complete the CRMA core exam.
For detailed topic outlines, visit www.globaliia.org/ certification. Exam topics
and / or formats are subject to change as approved by the Global Board of
Directors.

The IIA’s Code of Ethics

The purpose of The IIA’s Code of Ethics is to promote an ethical culture in the
profession of internal auditing.
Internal auditing is an independent, objective assurance and consulting activity
designed to add value and improve an organization's operations. It helps an
organization accomplish its objectives by bringing a systematic, disciplined
approach to evaluate and improve the effectiveness of risk management, control,
and governance processes. A code of ethics is necessary and appropriate for the
profession of internal auditing, founded as it is on the trust placed in its objective
assurance about governance, risk management, and control.

Testing time allotted.

When you are ready to begin the exam, the system will advise you of the time that
you have to complete the exam. The time allotted for each actual exam is as follows:

Certiﬁed Internal Auditor (CIA)

Exam

Number of
qustions

Testing

Part 1

125 multiple choice questions

2 hours and 30 minutes

Part 2

100 multiple choice questions

2 hours

Part 3

100 multiple choice questions

2 hours

Certiﬁcatlon In Contro Self-Assessment (CCSA)

115 multiple choice questions

2 hours and 55 minutes

Certified Government
AUdltmg Professwnal
(CGAP)

115 multiple choice questions

2 hours and 55 minutes

Certiﬁed Flnanclal Auditor
(CFSA)

115 multiple choice questions

2 hours and 55 minutes

certiﬁcation in risk
management assurance(CRMA)

110 multiple choice questions

2 hours

The computer screen has a built-in timer to let you know the time remaining as
you work through the exam. Plan your time wisely so that you do not use your
time up early in the exam and do not have enough time to complete the exam.
The testing system allows you to flag questions for review and allows you to
return to these items after you have viewed the last question in the exam. If you
have completed the last question in the exam before the time is up, you will be
able to review your flagged questions and any other questions until your testing
time expires.
There are no scheduled breaks during the exam. You are allowed to take a break,
if necessary, but any time taken for breaks counts toward the overall time
allotment for that exam. You will need to check out/ in with the exam proctor if
you leave the testing room.
*CRMA additional requirement is the successful completion of the CIA Part 1 exam.